CVE-2021-37832

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt